Financial Crime World

Digital Financier Fraudsters: ₹1.5 Lakh Crore Siphoned off in India in Three Years; Prevention Strategies

Cyber criminals attempting to steal confidential financial data

In the digital age, cybercrime is becoming increasingly rampant in India, impacting millions of individuals and organizations. According to the National Crime Records Bureau (NCRB), the financial toll of reported cybercrimes reached ₹66.66 crore in 2023. However, a recent report from the Indian Cybercrime Coordination Centre (I4C) reveals that digital financial frauds accounted for a colossal ₹1.25 lakh crore over the last three years.

Financial Toll of Digital Financial Fraud

  • ₹1.25 lakh crore lost over the last three years.
  • ₹10,319 crore reportedly went missing due to digital financial fraud incidents last year.
  • ₹2537.35 crore in domestic fraud reported in FY'23 by Supervising Entities (SE).

Modus Operandi of Digital Fraudsters

The Parliamentary standing committee on Finance’s report on “cyber security and rising incidents of cyber/white collar crimes” states that the tactics used by digital fraudsters in India largely revolve around these areas:

  1. Impersonation:

    • Conning victims into sending money through fake profiles on WhatsApp, Facebook, or Instagram.
    • Promising greater financial returns through investments or crypto schemes.

  2. Credential theft:

    • Stealing UPI ID, Personal Identification Number (PIN), One-Time Password (OTP), or Internet banking ID/password.
    • Convincing victims to share details over the phone.

  3. Card details theft:

    • Obtaining card details from victims.
    • Requesting One-Time Passwords (OTPs) to facilitate unauthorized transfers.

Post-Fraud Activities

Following a successful digital heist, scammers typically transfer the stolen funds through a series of temporary, secondary, and sink accounts. Transactions in temporary accounts receive funds from multiple victims, while secondary accounts are swirled within networks of circulators for concealment. The siphoned funds are eventually accumulated in a third-stage sink account.

Preventive Measures

To hinder digital financial fraud, the following preventive measures can be implemented:

  1. Multi-factor authentication (MFA):

    • Financial institutions must adopt MFA.
    • Access to accounts is granted only from authenticated devices.

  2. Screen-sharing restriction:

    • Disable screen-sharing on financial apps to prevent scammers from accessing sensitive information.

  3. Clear and Comprehensible data in bank statements:

    • Provide clear transactional data in bank statements, including the receiver’s account/mobile number irrespective of it being within or outside the bank.

  4. Data access speed:

    • Law enforcement agencies should be provided with information on data access in a predetermined format for ease of comprehension and analysis, such as CSV or XLSX files.

  5. Record IMEI:

    • Store IMEI details of the device being used to access financial apps for investigations.

The Way Forward

As per the Bharatiya Nagarik Suraksha Sanhita 2023, organized crime is defined as a continuous unlawful activity. Digital financial fraud falls under this definition. In view of the challenges posed by interstate fraud networks, law enforcement agencies must be empowered to conduct interstate raids and arrests:

  • Recognizing interstate digital financial fraud networks as a serious crime.
  • Restricting bail for fraudsters.

A collaborative effort from the fintech and telecom industries to take preventive measures, as well as rapid data access, will significantly enhance prevention, detection, recovery, and conviction efforts.